Journal of Physcs: Conference Seres PAPER OPE ACCESS ewor Secury Rs Assessmen Based on ode Correlaon To ce hs arcle: Zengguang Wang e al 2018 J. Phys.: Conf. Ser. 1069 012073 Vew he arcle onlne for updaes and enhancemens. Ths conen was downloaded from IP address 148.251.232.83 on 18/10/2018 a 00:28
IOP Publshng IOP Conf. Seres: Journal of Physcs: Conf. Seres 1234567890 1069 (2018) 012073 do :10.1088/1742-6596/1069/1/012073 ewor Secury Rs Assessmen Based on ode Correlaon Zengguang Wang 1, Yu Lu 1 and Jndong L 2 1 Shazhuang Campus of Army Engneerng Unversy, Shazhuang 050003, Chna 2 The 69225 Army, Heng 841300, Chna w1223797579@163.com Absrac. A newor secury rs assessmen mehod based on node correlaon s proposed n order o solve he problem ha lle consderaon s gven o node correlaon and dversy n radon newor secury rs assessmens. Ths mehod whch s based on Hdden arov model quanfes secury rs of he node hrough ndrec rss caused by he drec rss and correlaons of nodes. Combned he secury rs and he mporance of he node, he overall rs of he arge newor s calculaed. Ths mehod can evaluae newor secury rs more accuraely and provde bass for he formulaon of newor secury polcy. 1. Inroducon Wh he connuous developmen of nformaon echnology, he Inerne has gradually become an ndspensable par of people's lfe and wor. Wh he connuous developmen of nformaon echnology, he Inerne has gradually become an ndspensable par of people's lfe and wor. An endless sream of aacs poses a grea hrea o newor secury. Tradonal newor secury proecon based on deecon can only be passve defense afer aac, and can no solve he newor secury problem from he roo [1]. ewor secury rs assessmen can evaluae he rs sae of he arge newor before he hrea occurs, and provde suppor for mplemenng he newor secury conrol sraegy. As one of he research hospos n he feld of newor secury, more achevemens have been made n he feld of newor secury rs assessmen. The prevous research on he rs of newor secury manly focuses on he sudy of he rs of a sngle node [2]. To a ceran exen, he quanave problem of newor secury rs s solved. However, n he process of rs assessmen, he mporance of he newor node correlaon (newor node correlaon, C) and he mporance of he node o he newor secury s no consdered. The newor secury rs assessmen resul s no accurae. To solve hs problem, a newor secury rs assessmen mehod based on node correlaon s proposed n hs paper. Ths mehod s based on Hdden arov model o evaluae he secury rs of ndependen newor nodes. Then, we calculae he correlaon beween nodes and he mporance of nodes by probably. The overall rs of he arge newor s calculaed hrough he secury rs and he mporance of he node. 2. Relevan Theorecal Knowledge 2.1. Defnon of ode Correlaon Defne 1: pars. The hoss n he arge newor are recorded as nodes n he newor. The servces and applcaons runnng on he hos are recorded as he man body on he nodes. The componen on he node whch s called C A s conss of he number symmery beween he hos A and he man body. Conen from hs wor may be used under he erms of he Creave Commons Arbuon 3.0 lcence. Any furher dsrbuon of hs wor mus manan arbuon o he auhor(s) and he le of he wor, ournal caon and DOI. Publshed under lcence by IOP Publshng Ld 1
IOP Publshng IOP Conf. Seres: Journal of Physcs: Conf. Seres 1234567890 1069 (2018) 012073 do :10.1088/1742-6596/1069/1/012073 Defne 2: C. C s a specal access relaonshp based on physcal connecon. Aacer gans access o node A hrough newor aac, and ges he permsson of componen C B hrough aac of componen C A docng pon B. The access relaonshp ha can be used s called C from componen C A o componen C B. C A:B can be represened by an ordered fve uple <A, B,, and W>. Among hem, A and B represen nodes n he newor, and and represen he man body on he node. W represens he specfc quanzed value of he C relaonshp, whch can deermne he dfferen values accordng o he specfc newor envronmen and praccal experence [3]. Defne 3: he mporance of node. The mporance of nodes depends manly on he ype of servce, sorage, and daa flow. In shor, he more servces provded by newor nodes, he more mporan s. If he number of hoss n he newor s L, he mporance of nodes s quanfed as Ps, and he mporance of node A n he newor s quanfed as PA, and hen he relave mporance wegh value of node A n he newor can be defned as: V A PA L s=1 P s (1) 2.2. ecessy Elaboraon In he process of newor secury rs assessmen, he correlaon beween nodes wll affec he accuracy of he evaluaon process. In he assessmen of newor secury rs, f here s a C relaonshp beween wo nodes, when he conrol pary s aaced and he prosecuon s no aaced, accordng o he radonal rs assessmen mehod, only he rs of he conrol pary s ncreased and he prosecuon s affeced by he prosecuon. Obvously, hs s no n lne wh he acual suaon of newor operaon [4]. Therefore, consderng he correlaon of nodes n he process of newor rs assessmen can mprove he accuracy of evaluaon resuls. The locaon and servce provded by newor nodes lead o dfferen mporance of nodes relave o he newor. The mporance of nodes also affecs he resuls of rs assessmen. The newor nodes n he core poson and he newor nodes a he edge poson are affeced by he aac, and he mpac on he overall newor rs s dfferen. Therefore, n he process of newor secury rs assessmen, we should consder he mporance of nodes and he mpac on newor secury rss. 3. Hdden arov odel Based on ode Correlaon 3.1. Hdden arov odel The secury suaon of he arge newor can be represened by he hdden arov model, and he hdden arov model can be represened by fve uples. Among hem: (1) S s1, s2,, s, whch represens he secury sae of a newor node. Because he newor s a changng complex sysem, he secury sae of nodes wll change wh me. Therefore, a sochasc process X X S s used o represen he secury sae of nodes a me. (2) Y y1, y2,, y, whch represens a collecon of dfferen ypes of aacs ha can be deeced n a newor. Aacs n he newor wll change wh me. Therefore, a random processz Z Y s used o represen he ypes of aacs deeced a me. (3) A a, whch represens he ransfer marx of he node secury sae. In he formula, a P( X s X s ),1,. 1 (4) B b ( ), whch represens he observaon marx, whch ndcaes he probably of y aac when node s s n sae. In he formula, b ( ) P( y s ),1,1. (5), whch represens nal probably dsrbuon of secury sae. In he formula, P( X s ),1, whch ndcaes he probably ha nodes are a a safe sae a me 0. 0 2
IOP Publshng IOP Conf. Seres: Journal of Physcs: Conf. Seres 1234567890 1069 (2018) 012073 do :10.1088/1742-6596/1069/1/012073 3.2. ode Sae Probably Calculaon The probably ha he node K s n he sae S of me s,, (, ),1,1 can be calculaed by he followng formula. In he formula (2), Therefore, P( X s, Z y ) P( Z y X s ) P( X s ), (, ) P( X s Z y ) P( Z y ) P Z y X s P X s 1, whch ( ) ( ) () 0 0 0 1 1 1 (3) P( X s ) P( X s, X s ) P( X s X s ) P( X s ) a (2) In he formula (4), () (, ), () 1 P( Z y X s ) a () P( Z y X s ) a 1 1 a represens he ransfer probably of sep of node K. (4) 4. Rs Assessmen ehod Based on Hdden arov odel The rs value of nodes n he newor can be defned by he specfc envronmen of newor operaon. Vecor Rs ( r1, r2, r ) s used o represen he rs value correspondng o each sae. 4.1. Calculaon of ode Rs Value Because of he specal access relaons among nodes n he newor, he rs of nodes s nfluenced by he rs of he assocaed nodes n addon o her own secury rs. The rss of nodes can be dvded no wo pars: drec rss (, ) he sae of he node self; (, ) value. DR and ndrec rss IR (, ). DR (, ) refers o he rs brough by IR refers o he nfluence of he neghborng nodes on he node rs The compuaon of DR (, ) does no ae no accoun he correlaon of nodes. I can be calculaed by he probably dsrbuon of T nodes and he correspondng rs vecors. The concree formula s as follows: DR (, ) (, ) r (5), 1 The compuaon of IR (, ) needs o consder he specal access relaonshp beween nodes. Therefore, he calculaon of IR (, ). I s necessary o consder he C relaonshp beween node K and adacen nodes. The defnon of node correlaon n reference [5] s defned [5]. There are nodes ha have C relaons wh node K, whch s called 1, 2. Accordng o he specfc newor envronmen, he quanave value of C relaonshp s deermned as W l,.the value of W l, s [0, 1], and he greaer he value s, he greaer he rs of node K wll be affeced by relaed nodes. The rs value of he node wh K node C a me s recorded as r (, ),1 l,1.the mpac of nodes wh C relaonshps on he rs of node K s recorded as r (, ),1 l,1.i can be calculaed hrough he quanzed value of C relaonshp and he rs value of he relaed nodes. The specfc formula s as follows:, l l r (, ) W r (, ) (6) l l l 3
IOP Publshng IOP Conf. Seres: Journal of Physcs: Conf. Seres 1234567890 1069 (2018) 012073 do :10.1088/1742-6596/1069/1/012073 The ndrec rs of node K s caused by he specal access relaonshp beween nodes. Therefore, he value of he ndrec rs should be aen as he maxmum of he rs of he relaed nodes., 1 l 1 l l l l IR (, ) max r (, ) max W r (, ) (7) The rs of he node s deermned by DR (, ) and IR (, ). I can be calculaed by he followng formula: R ( ) 1 f ( x) DR (, ) f ( x) IR (, ) (8) f( x) s he wegh funcon of ndrec rs, represenng he proporon of ndrec rs n node rs, and x corresponds o he quanzed value of C correspondng o IR (, ).The selecon of wegh funcon should be carred ou accordng o he specfc condons of he newor, so as o oban more rs values ha are more n lne wh he acual suaon of he newor. The followng characerscs should be me: (1) relaed o he quanzaon value of C relaon; (2) monoonc ncreasng funcon on [0, 1] nerval [6]. 4.2. Calculaon of ewor Rs Value When here are nodes n he arge newor, he correspondng rs values of nodes are recorded as R (, ) m hrough he calculaon mehod of he node rs n 4.1. In order o be more realsc n he rs value of he newor, he radonal sngle hos rs s no drecly added and hen he newor rs value s calculaed on average. Consderng dfferen nodes' nfluence on newor secury, he mporance parameers of nodes are se. The newor rs value R (, ) s calculaed hrough node mporance and node rs value. The specfc calculaon formula s as follows: R (, ) VR (, ),1 m (9) m1 5. Concluson In hs paper, a node correlaon based newor secury rs assessmen mehod s proposed by nroducng node relevance, whch solves he problem ha he radonal newor secury rs assessmen s gnored by he neglec of node correlaon. A he same me, consderng he relave mporance of nodes n he evaluaon process, s closer o he acual suaon of newor operaon. Ths mehod can evaluae newor secury rs more accuraely and provde suppor for he formulaon of newor secury polcy. 6. References [1] Zhou We, Zhang Hong, L Bohan. ewor rs assessmen mehod based on aac-defense graph model [J]. Journal of Souheas Unversy (aural Scence Edon), 2016, 46 (4): 688-694. [2] L Wemng, Le Je, Dong Jng, e al. An opmzed mehod for real-me newor secury quanfcaon [J]. Chnese Journal of Compuers, 2009, 32 (4):793-804. [3] Poolsappas, Dewr R, Ray I. Dynamc secury rs managemen usng Bayesan aac graphs [J]. IEEE Trans on Dependable and Secure Compung, 2012, 9(1):61-74. [4] Zhang Shuwe, LIU Wen-fen, WAG Jun. ewor Secury Quanfcaon Assessmen Based on he Correlaons of odes [J]. Journal of Informaon Engneerng Unversy, 2015, 16 (2):145-151. [5] Zhang Yongzheng, Xa Jngbo, Fang Zyang, e al. ewor secury assessmen based on node quanfcaon [J]. Chnese Journal of Compuers, 2007, 30 (2): 234-240. [6] X Rongrong, Yun Xaochun, Zhang Yongzheng, Hao Zhyu. An Improved Quanave Evaluaon ehod for ewor Secury [J]. Chnese Journal of Compuers, 38 (4), 2015, 749 758. 4